|
A Memoir, Team HyperX. LiteOn Encryption
|
|
|
jpizzle
Senior Member
|
2. December 2009 @ 04:45 |
Link to this message
|
>> A overview of the history behind firmware modification & the creation and conclusion of the team formerly 'Team Jungle' and the story of an unsuccessful extortion. All views expressed are documented between several members of Team Jungle,THX and the scene and are not opinions expressed by Xbox-Scene.
A great amount of work has been put into the xtreme, and now current ixtreme firmware. commodore4eva, now simply known as 'c4e' came upon the scene to bring changes to the xbox360's firmware that lead to new innovations and progress to a section within the xbox360 hacking scene.
These changes have been for the most part very positive, and in 2009 I formed a group who became known as 'Team Jungle' who spent 8 months working in unison to crack the first LiteOn drive. It was a very very big achievement, and kudos is deserved all around for each member that did their share. It was a very bleak dismal long process that did not look so promising for many many months. The conclusion of Team Jungle/Team HyperX has arrived, and will be documented in this story. It is also my intention to notify everyone of facts previously withheld from the public, and to clear the air with some people unfairly accused of fraud and elitism/heroism with malcontent :)
With the cat and mouse game of almost all modification scenes, with hackers vs vendors, technologies are constantly updated and secured against new vulnerabilities. As the ixtreme firmware was released for the LiteOn, it was apparent to that specific vendor that they needed to step up their game once their secure platform was defeated. It WAS a very brilliant design, for in the simplicity of basic hardware it becomes difficult to secure a platform without the host being entirely integrated into the overall security. We see the PS3 as a fine example of this: A hardware platform that has proven very secure from top to bottom!
Unfortunately, as the securities increased, known vulnerabilities decreased and new methods needed to be found. Alas, they were :) Some of these vulnerabilities were hardware based, and some software. Some were vendor commands (cdb's) that were intentionally placed within the firmware for diagnostic purposes! A large part of firmware 'hacking' is disassembling the firmware and discovering all of the hidden cdb's for alternative usage (piracy, homebrew, etc).
In order to hack the LiteOn, a team was necessary. c4e's talent was the final step to a very long process. You need experts on the physical/hardware side who are capable of extracting the firmware (since known software methods were locked out). Sometimes several hardware guys are needed for different area's of talent. One might be skilled in decapsulation and extraction methods and the other has xray and microscopes and is excellent at detailing :) The bottom line is 90% of the work was NOT associated with the firmware and the job preformed by c4e. The firmware modification was the easy part! Of the 8 months spent on that project, only 24hrs was needed by c4e to complete his part of the project :)
With every release of xtreme and ixtreme firmware different methods of hacking that particular hardware platform became apparent through documentation (tutorials), software (JF, sending cdb's, etc) or specs/technical information released. Speculation is always a key player whether methodology is apparent, released or not.
When the 83850c hit the shelves, the public quickly figured out that there was a flaw: serial output was not working. So the team found a few 83850c's through our usual channels (distributors), purchased them (despite what you think, we usually buy our materials, most dont ever make it back. donations are very 'final'.) and got them shipped to one of our hardware specialists that is capable of decapsulating and reading eeprom's. It takes a rather talented and unique skillset to decapsulate and dump eeprom's with microfiber :) Infact, the 'micro' is a understatement: Its so small its practically invisible to the human eye! Imagine trying to solder that!
Our hardware genius successfully dumped the firmware. Since our crypto (software) genius already cracked the encryption algorithm of the original drive's firmware (which was one of the most difficult tasks of hacking the drive!!) it was just a matter of having him decrypt it for us. Once decrypted, c4e can start doing his patching routines, aswell as analyze the firmware for security changes. For a month I sat in the dark as c4e and the rest of the group 'worked' on getting the drive to output key/serial data. At the time it was presumed impossible. On the 5th week I was brought full circle and informed that the team had been coordinating decisions outside of my knowledge. Apparently the team came to a decision since there was no way to retrieve the key via software. The only hardware method at the time was full acid decapsulation, with the exception of the pin lift method. I would like to take a moment to explain the following with an analogy:
Sir Alex Ferguson is the manager of the world famous Manchester United football(soccer) club. He does not play soccer (he used to). However, he is essential to the success of the the football team. He uses his managerial experience to bring together players that would not normally play the sport together. When the team starts playing, he uses his decision making skills to combat changes within the field. Without him, the team can still play and successful at that! However, without him the team will eventually die, as they will become stale and not progress or get fresh blood into the roster. I use this analogy for myself. I created Team Jungle, which I renamed to THX due to a fallout between me and one of the developers who I had start the project we now know as 'jungle flasher'. He was not a team player(several incidents), so I removed him from the team. Instead of changing the name of his application to disassociate himself from the team, I decided to change the team name! While I created the team, and organized it and made decisions, the essential process (hacking) can obviously be done without me. The team made that choice when they went outside of my circle to discuss the future of LiteOn in regards to the team.
The decision that the team had come to was to integrate a piece of hardware(a modchip) into the process that would make end users capable of modding the new LiteOn drive without us giving away our only hardware 'dumping' method, the pin-lift method recently disclosed by geremia. We did not want MS and LiteOn/MTK to patch the only known software hole(pin-lift method) as that would defeat our capabilities in the future to dump the firmware. While we can always try to decapsulate, there are methods to combat it, and its a very risky process that destroys the hardware. I am also experienced enough to understand that multiple avenues of hacking must be present in order to secure the *future* of this project! The reason the team did not disclose their decision, or the decision making process to me was simple: Greed. They wanted to bargin with the chinese to get the maximum money possible out of each chip sold, and I was one less pie cut. And hey, im not a hacker right? I dont do any work (other than creating the group and making the ENTIRE process possible!) so why should I get paid? Well, no loss on my end, and only theirs(the groups) because I would have been, and argued very strongly against ANY money-based process.
At that time c4e came to me and told me that they had been meeting behind my back and had come to a decision, however c4e in the 5th week after obtaining the fw found out how the serial key output had changed, with a encrypted key data. He had already contacted foundmy and made the key decryption services a reality. He had already consulted with the other group members who (due to legal risk) said they did not want to be a part of it. Everything was ready to launch by the time I was told about it, and asked whether I wanted to be a part of it.
Read the entire story here
|
|
Advertisement
|
 |
|
|
Member
|
2. December 2009 @ 06:11 |
Link to this message
|
|
Wow that is really profound..... finally realising and appreciating what all these guys/girls do for the scene. It would be interesting seeing the other members take on how things panned out.
Lets hope bridges can be built and the team can move on.
|
|
ebxtreme
Member
|
2. December 2009 @ 09:22 |
Link to this message
|
DAMN, DAMN, DAAAAAAAMMNNNN!
So close yet now apparently not so close. iXtreme LT ... grab my hand!!! NO! Noooooooooooooooo!!!
Regardless of the outcome it has definitely been a great run and these guys deserve an endless amount of credit for ALL of their work. This memoir is a definite eye-opener for me and an enlightening read into the world of the former Team Jungle/Team HyperX. I place judgement upon no-one regarding their decisions as all of the past and current team members deserve an enormous amount of credit and praise. However, with that being said financial rewards are eventually desired as well.
I wish these guys all the best in whatever becomes of this and THANK YOU for all you have contributed to the scene.
THANK YOU TEAM JUNGLE/THX!
|
|
gameover9
Suspended permanently
|
2. December 2009 @ 09:34 |
Link to this message
|
|
Not sure what this means....
|
Member
|
2. December 2009 @ 09:56 |
Link to this message
|
|
I'm not sure gameover9 but i hope its Team Jungle / Team hyperX having like a hard reset and levelling the playing field again?????
|
|
qwert99
Senior Member
|
2. December 2009 @ 11:32 |
Link to this message
|
So that's why LT is taking so long to release. All of the firmware team's time is getting taken up devising ways to make money.
Thank god there are some hackers with ethics out there. There are a lot of people talking trash about Geremia, but it seems to me like he is the best friend the modding scene has right now.
$38 on new discs -- Check
$15 on burn after burn that showed as a DVD -- Check
$11 on new laser -- Check
$28 on new multimeter -- Check
___________________________________
Knowledge from Leerage? -- Priceless
|
|
gameover9
Suspended permanently
|
2. December 2009 @ 12:01 |
Link to this message
|
|
why make money? It's against the freaking law. I thought they did it for fun. I know I do. I just charge when I'm reflowing as there is plenty of time involved with that. I don't even mod anymore after the bans.
|
|
qwert99
Senior Member
|
2. December 2009 @ 12:05 |
Link to this message
|
|
Greed is powerful, I guess. Crazy that even that scheme where you could electronically send in your 83x LiteOn files to get your key extracted came directly from the team. Wow.
$38 on new discs -- Check
$15 on burn after burn that showed as a DVD -- Check
$11 on new laser -- Check
$28 on new multimeter -- Check
___________________________________
Knowledge from Leerage? -- Priceless
|
|
gameover9
Suspended permanently
|
2. December 2009 @ 12:22 |
Link to this message
|
|
crazy is right. Apparently someone needs to teach them the law. They are more safe taking donations then demanding $
|
|
w4nker
Junior Member
|
2. December 2009 @ 12:28 |
Link to this message
|
Originally posted by gameover9:
I just charge when I'm reflowing as there is plenty of time involved with that. I don't even mod anymore after the bans.
lol your charging for your time right?? He doesn't just download the firmware he is physically writing the code from nothing... this would take a great deal of time... Also they have to breakdown the existing code before they rebuild.. Does anyone pay him for his time? This is not just an hour process, with each drive or revision that comes out they have to start all over again. The mod scene is so good now, how fast can you flash a drive? Literally minutes, due to great programming and any idiot can flash a drive now because of there work.
Think before you speak!!
|
Senior Member
|
2. December 2009 @ 12:29 |
Link to this message
|
Wow, a hacker's soap opera. These are some really heavy words. Hopefully this doesn't fuel the war and egos any further but no doubt it will definitely open up some old wounds. My hope is that each person that has contributed their time and efforts into making this happen rises to the top of all the banter and drama and continue to push the envelope even further against M$ efforts to patch.
You know, as the end user I have always appreciated the hard work and time I know they have spent in making this great technology. I wouldn't even mind monetarily contributing to help advance these efforts. I know this has been a free scene and now change is on the horizon. But how we react as the end users from here forth will determine if this whole scene gets destroyed or whether it will persevere.
People will pick sides...I see it coming. I see a free verses pay future for the community. New people will rise up on both ends. I just wish it wouldn't be this way.
In any case, thanks to everyone on every side of the fence that's made this possible for me. I definitely appreciate your sacrifices.
-MG
|
|
gameover9
Suspended permanently
|
2. December 2009 @ 12:34 |
Link to this message
|
Originally posted by w4nker:
Originally posted by gameover9:
I just charge when I'm reflowing as there is plenty of time involved with that. I don't even mod anymore after the bans.
lol your charging for your time right?? He doesn't just download the firmware he is physically writing the code from nothing... this would take a great deal of time... Also they have to breakdown the existing code before they rebuild.. Does anyone pay him for his time? This is not just an hour process, with each drive or revision that comes out they have to start all over again. The mod scene is so good now, how fast can you flash a drive? Literally minutes, due to great programming and any idiot can flash a drive now because of there work.
Think before you speak!!
You don't know what you're talking about. He is not writing the code from scratch. He took M$ and made changes to it to make it read backup games. No one is saying the guy isn't good, it's just illegal. I just think it's stupid to charge for hacking.
|
AfterDawn Addict
|
2. December 2009 @ 12:48 |
Link to this message
|
This is bad news for those that have a Lite-On and a banned system and just want an iX firmware that will play all Wave# games.
It would be nice to be able to load games without using the activate disc or patching them to a lower Wave# just to clear the security check on the iX firmware.
Guess it is time to buy a BenQ and spoof my Lite-On key to it so I can play all Wave# games. Better then paying $ every time a firmware update comes out for my banned console.
|
|
gameover9
Suspended permanently
|
2. December 2009 @ 12:52 |
Link to this message
|
LT will be released. Just wait and flash to that. All new waves will not matter with this firmware. They're not going to charge people for LT.
|
Senior Member
|
2. December 2009 @ 13:08 |
Link to this message
|
Originally posted by larrylje:
This is bad news for those that have a Lite-On and a banned system and just want an iX firmware that will play all Wave# games.
It would be nice to be able to load games without using the activate disc or patching them to a lower Wave# just to clear the security check on the iX firmware.
Guess it is time to buy a BenQ and spoof my Lite-On key to it so I can play all Wave# games. Better then paying $ every time a firmware update comes out for my banned console.
This seems to be my next move in anticipation as I also have a lite-on ver. 1 8xxxxx. Would everyone recommend I keep my non-banned 360 off of live and keep modding it....buy a non-banned and use that for online play?
This has been a great week of great news and worse news.
|
|
Link2205
Member
|
2. December 2009 @ 13:54 |
Link to this message
|
Originally posted by larrylje:
This is bad news for those that have a Lite-On and a banned system and just want an iX firmware that will play all Wave# games.
I can some how see the cost of hitachi drives on ebay rocketing in price for people who will just want an offline console to play backups... lol
Originally posted by MrGreaser:
Would everyone recommend I keep my non-banned 360 off of live and keep modding it....buy a non-banned and use that for online play?
Yeah, that's what I'm gonna be doing from now on. I kept one xbox untouched for if ever my modded one got banned(and it did), so I could still get on live. I've picked up another second hand one off ebay with all the cables and a pad for £45 incl p&p. 'Twas so cheap because the disk drive was playing up. Had a Samsung in so I swapped it out and it works great now! ^o^ So screw you microsoft, so only inconvenienced me for a week... XP
This message has been edited since posting. Last time this message was edited on 2. December 2009 @ 14:04
|
|
gameover9
Suspended permanently
|
2. December 2009 @ 13:55 |
Link to this message
|
Originally posted by Link2205:
I can some how see the cost of hitachi drives on ebay rocketing in price for people who will just want an offline console to play backups... lol
??
You can play all games on any drive.
|
|
jpizzle
Senior Member
|
2. December 2009 @ 13:58 |
Link to this message
|
|
is it really that hard to use the Boot Disc ? I'm sorry but a lot of people are starting to sound like whiny little kids.
|
|
Link2205
Member
|
2. December 2009 @ 14:00 |
Link to this message
|
Originally posted by gameover9:
Originally posted by Link2205:
I can some how see the cost of hitachi drives on ebay rocketing in price for people who will just want an offline console to play backups... lol
??
You can play all games on any drive.
Yeah, but Hitachi's flashed with 1.51 firmware haven't been affected by wave updates... Also it can get a lil annoying having to use the activate.iso. I guess I'm just lazy! ^o^
This message has been edited since posting. Last time this message was edited on 2. December 2009 @ 14:02
|
|
gameover9
Suspended permanently
|
2. December 2009 @ 14:01 |
Link to this message
|
Originally posted by jpizzle:
is it really that hard to use the Boot Disc ? I'm sorry but a lot of people are starting to sound like whiny little kids.
Exactly. You can play any game now. Heck, I'm still not banned on xbox live on 1.6.1
|
|
John_Donn
Member
|
2. December 2009 @ 14:15 |
Link to this message
|
|
yea this was a crazy story but lt will most likely be the last realease for the scene......
|
|
gameover9
Suspended permanently
|
2. December 2009 @ 14:18 |
Link to this message
|
Originally posted by John_Donn:
yea this was a crazy story but lt will most likely be the last realease for the scene......
They say this every time. It's not like more people will jump in.
|
AfterDawn Addict
|
2. December 2009 @ 14:37 |
Link to this message
|
Sammy/BenQ firmware isn't effected by WAVE updates either are they? I thought they took out the WAVE# security check in that iX firmware.
Hopefully LT (if they still release it) is the same way.
As to the...
Quote:
is it really that hard to use the Boot Disc ? I'm sorry but a lot of people are starting to sound like whiny little kids.
Did that comment make you feel all grown up?
|
|
gameover9
Suspended permanently
|
2. December 2009 @ 14:41 |
Link to this message
|
|
Currently they can play all games on 1.6.1 but will be effected by future waves. LT won't matter for any drive.
|
|
Advertisement
|
|
|
|
Link2205
Member
|
2. December 2009 @ 14:50 |
Link to this message
|
Originally posted by gameover9:
Currently they can play all games on 1.6.1 but will be effected by future waves. LT won't matter for any drive.
Going back to my previous point of about Hitachi drives going up in price. Not saying they actually will, i was just making a comment. Seeing as Hitachi's aren't affected by new wave releases, it'd be the obvious choice for people who don't want to use the boot disk, especially if LT firmware, or something similar, never happens. I got sick of using my freeloader for my Wii, so I soft-modded it for the convenience...
See my point?
This message has been edited since posting. Last time this message was edited on 2. December 2009 @ 14:51
|
